Incident Response Aws Cloud

ELOKA AGAJELU, CISSP®

adx64n@r.postjobfree.com

443-***-****

LINKEDIN URL

HTTPS:WWW.LINKEDIN.COM/IN/EL OKA-AGAJELU-267060A8

SKILLS

* ***** ***** ********* ********** in Amazon AWS (with a focus on Security and Identity Services, Single-Sign on Support for Applications, AWS Cloud native-SIEM integrations, Designing Incident Response solutions in AWS cloud & Config mgmt. for cybersecurity compliance)

10 years’ experience with Red Hat Linux platforms

Proficient in Terraform and possess intermediate level knowledge of Python.

PROFESSIONAL EXPERIENCE

Information Security Officer

Sedgwick Government Solutions

November 2021 - Present

SME for IT security for the organizations corporate and customer IT systems, platforms, interconnections, and environment.

Responsible for advising and assisting independent security assessors acting on behalf of federal agency customers during yearly NIST 800-53 & 171 (RMF) audit and assessment exercises.

Responsible for preparing and reviewing the accuracy of privacy documents (PTA and PIA) for approval by the federal agency (customer) privacy office and to ensure that PII findings are recorded and published by the company as required by law.

Responsible for preparing, updating, and revising system security plans, business contingency plans, incident response plans and corrective action (POA&M) plans and tailoring them to meet compliance requirement.

Providing cyber security consulting and hands-on technical and non-technical assistance to the organization for both FedRAMP and non-FedRAMP environments in accordance with NIST SP 800-53 (rev4 and 5), 800-37, OMB, and other authoritative IT security guidance.

Developing System Security and Privacy Plans, Configuration Management, IT Contingency, and Incident Response Plans and related security assessment package documents in accordance with NIST requirements.

Responsible for policy modifications, additions and changes to organizational policies in response to agency guidelines, executive orders.

Investigating new and emerging security threats against the organization’s network and corporate infrastructure by requesting and reviewing Nessus scan result, IDS alerts (for new signatures), understanding technical/business requirements etc.

Arranging and providing oversight of annual penetration testing exercises, including DDoS fire drills/mitigation.

Cloud Security Engineer

CareFirst Blue Cross-Blue Shield

Owings Mills MD

January 2020 - August 2020 (Contractor)

Provided security operations support to a project development team to provision and migrate a datacenter operation to the AWS cloud and to build, configure and expose a real-time data streaming service to support a partner healthcare company in AWS using Confluent Kafka service.

Designed and developed and incident response program specific to the system boundary including building remediation playbooks and using AWS ‘best practices’ conformance packs to map findings to remediation actions using approved CIS/CSF benchmarks.

Sr. Systems (Linux)& Security Engineer Merkle Inc

Columbia MD

April 2018 - January 2020

Worked directly with development and operations teams to address security vulnerabilities for hybrid cloud systems using both cloud native and proprietary tools.

Secured Java-based web applications such as Tomcat, JBOSS, IBM WebLogic and WebSphere including, disabling the use of SSL and unsupported TLS versions and forcing the support of SSL end-to-end encryption.

Trained Corp customers to adhere to cyber security hygiene and built/operated/tested disaster recovery solutions using automation tools such as Lambda to create regular EBS snapshots, AMIs etc., CloudWatch-SNS to track resources and trigger alarms and/or emails when there is an outage.

Provided technical support to cloud teams in areas of security for e.g., implementing and maintaining a centralized logging system of IAM-access management in both AWS and Google (GCP)* platforms.

Enforced ‘best practice’ cloud security hygiene (including security monitoring and testing) by enabling AWS Config rules on cloud platforms to evaluate AWS resources for compliance and were supported using Systems Manager (SSM) to remediate out-of-compliance objects, configuring SNS notifications/topics and subscribing distribution lists, ticketing solutions.

EDUCATION

2013 Master of Laws,

University of Baltimore School of Law

2002 Bachelor of Laws,

University of Nigeria-Enugu NIGERIA

Certifications

Amazon AWS Solutions Architect Associate - December 2022 (Active)

(ISC)2 Certified Information Systems Security Professional CISSP - January 2021 (Active)

Amazon AWS Security - Specialty - May 2020 (Expired)

(ISC)2 Certified Governance Risk and Compliance Professional - Sept 2019 (Active)

Oracle Linux Certified Associate - 2017 (Expired)

Security Eligibility Determination

Public Trust and low risk/non-sensitive

Contact this candidate